I have about 5 million acs_objects . So far with tweeks I havn't had any real problems except when trying to get permissions on large data sets. In looking over my data I've noticed that the vast majority of permissions are granted to groups. Also most users are not in very many groups. I suspect this is true for most implementaions and led me to the following thought.
What if you could only grant permission on groups and then change permssion_p to query based on what groups you are in instead of who you are? It seems like this would reduce the number of rows in the permssion views because they would only contain groups. For the times you need to grant permission to just one user you could create a group with one user in it (this could be done by default when the user is created).
I haven't really given this much thought, but I think it would be as flexible as the current model. Does anyone think it would be faster in the real world?